A. Field of the Invention
The present invention relates to a method for completing portable data carriers as well as to a security module and to a system for carrying out such a method.
B. Related Art
In the manufacture of portable data carriers, an operating system mask is incorporated in a first manufacturing step into a non-rewritable, non-volatile memory of the data carrier, for example a ROM memory. In a further step, the completion step, the incorporated operating system mask is completed: possible errors in the operating system mask are corrected and extensions of the operating system are loaded. Furthermore, the possibly corrected and extended operating system is suitably configured. In this step, corresponding completion data are loaded into a non-volatile, rewritable memory of the data carrier, for example an EEPROM memory. For this purpose, the data carrier is connected with a suitable completion apparatus, on which the completion data are made available.
Before data carriers with an operating system mask and the associated completion go into series production, smaller test quantities of these data carriers are extensively tested. This testing is often carried out away from the actual data carrier production, in test departments, possibly external, that are specially adapted for this purpose. Errors or defects found during testing are then remedied by adjusted completion data, whereupon new tests are carried out with data carriers that have been completed with the adjusted completion data.
Since the data carriers to be tested are normally produced, and in particular completed, in only very small quantities, their possibly repeated completion significantly hinders the flow of the remaining series production, i.e. the completion of data carriers with fully tested operating system components. Series production is designed for and optimized for the manufacture of large series. Outsourcing the completion of small test series, for example to the corresponding external test departments, involves the risk that completion data which are still secret are misused. Likewise, it is possible that, instead of limited test series, larger quantities of data carriers are completed with the completion data, or that completed data carriers are not properly configured.
EP 1 722 336 A2 describes a method for generating initialization data for a security data carrier. Therein, a security module, for example a USB token, is made available, on which secret data for generating the initialization data are stored. The security module can further be adapted to receive input data and to generate the initialization data by means of its own routines and using the secret data. However, EP 1 722 336 A2 describes neither how initialization data that are producible or produced in this way can be incorporated in a secure manner into corresponding security data carriers, nor how the free use of the generated initialization data can be properly restricted.